package com.calvin.study.realm;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

//自定义Realm完成认证和授权
public class CustomerRealm extends AuthorizingRealm {

	//授权
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		// TODO Auto-generated method stub
		return null;
	}

	//认证
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		//标识用户身份的唯一凭证 可以是用户名、手机号、证件号…必须是唯一的
		String username = (String) token.getPrincipal();
		System.out.println(username);
		
		//模拟从数据库查询用户名密码信息
		if("admin".equals(username)) {
			String pwd = "admin";
			SimpleAuthenticationInfo authInfo = new SimpleAuthenticationInfo(username, pwd, this.getName());
			return authInfo;
		}
		return null;
	}

}
